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Abstract 

We consider the problem of evaluating certain exponential sums. These sums take the form 

E 



g-^/(^i.2;2,---,a:„) 



where each Xi is summed over a ring Zjv, and f{xi, X2, ■ ■ ■ , Xn) is a multivariate polynomial with 
integer coefficients. We show that the sum can be evaluated in polynomial time in n and log TV 
when / is a quadratic polynomial. This is true even when the factorization of N is unknown. 
Previously, this was known for a prime modulus N. On the other hand, for very specific families 
of polynomials of degree > 3 we show the problem is #P-hard, even for any fixed prime or prime 
power modulus. This leads to a complexity dichotomy theorem — a complete classification of each 
^ ' problem to be either computable in polynomial time or #P-hard — for a class of exponential sums. 

Cn , These sums arise in the classifications of graph homomorphisms and some other counting CSP 

type problems, and these results lead to complexity dichotomy theorems. For the polynomial-time 



^\i ■ algorithm. Gauss sums form the basic building blocks. For the hardness results, we prove group- 

jy-! I theoretic necessary conditions for tractability. These tests imply that the problem is #P-hard for 

f^ ' even very restricted families of simple cubic polynomials over fixed modulus N. 

O' 



^ '■ 1 Introduction 

H ; 

Exponential sums are among the most studied objects in number theory |12l \T0\ lllj . They have fas- 
cinating properties and innumerable apphcations. Recently they have also played a pivotal role in the 
study of the complexity of graph homomorphisms [8*, T\ . 

The most fundamental and well-known among exponential sums are those named after Gauss. The 
simplest Gauss sum is as follows. Let p be an odd prime, and ojp = e^'^*'^ be the p-th primitive root 
of unity. Then the Gauss sum over Zp is 

G = y^ I - I ojp, where ( - j is the Legendre symbol. (1) 
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In this paper, we will need to use a more general form of the Gauss sum which will be defined later in 
Section [2j Another well-known expression for G in ([T|) is: 



<p 



.2 



where the exponents are quadratic residues (mod p), and one can observe that {oOpY are somewhat 
"randomly" distributed on the unit circle. Gauss knew the remarkable equality G^ = (— l)^^~^''^p: 

G = ±^ if p = 1 (mod 4), and G = ±i^ if p = 3 (mod 4). (2) 

In particular |G| = y^ which is an expression that the p terms in the sum G are somewhat "random" 
(but note that the equality is exact). However, the truly amazing fact is that, in all cases, the plus 
sign (+) always holds in ^. Gauss recorded this conjecture in his diary in May 1801, and on August 
30, 1805, Gauss recorded that a proof of the "very elegant theorem mentioned in 1801" had finally 
been achieved.!!] 

In this paper, we consider the complexity of evaluating exponential sums of the form 



Xl,...,Xn&^N 



Z{NJ)= ^ eV 



where each Xi is summed over a ring Zjv and /(xi, . . . ,x„) is a multivariate polynomial with integer 
coefficients. (We may assume that the coefficients of / are from Z^r.) The output of this computation 
is an algebraic number, in the cyclotomic field Q(e^'^*' ). Any canonical representation of the output 
algebraic number will be acceptable ^ [7]. These sums are natural generalizations of the sums con- 
sidered by Gauss, and with arbitrary polynomials f{xi,X2, ■ ■ ■ ,Xn), they have also played important 
roles in the development of number theory. 

Our main results are as follows: We show that the sum Z{N, f) can be evaluated in polynomial 
time when / is a quadratic polynomial. The computational complexity is measured in terms of n, 
logN, and the number of bits needed to describe /. While it is known that Z(N, f) can be computed 
efficiently when A^ is a prime [13], our algorithm works for any composite modulus A^, even without 
knowing its prime factorization. On the other hand, for very specific families of polynomials of degree 
> 3 we show the problem is ^T^P-hard even for any fixed prime or prime power modulus. This leads to 
a complexity dichotomy theorem — a complete classification of each problem to be either computable 
in polynomial time or #P-hard — for a class of exponential sums. 

For the polynomial-time algorithm, we employ an iterative process to eliminate one variable at a 
time. Gauss sums form the basic building blocks. The fact that we know the exact answer to the 
Gauss sum, including the sign, is crucial. It turns out that the situation is different for an odd or an 
even modulus A^. A natural idea is to deal with each prime power in the modulus A^ separately, and 
combine the answers by Chinese remaindering. It turns out that the algorithm is more difficult for a 
modulus which is a power of 2, than for an odd prime power. A more fundamental difficulty arises 
when A^ is large and its prime factorization is unknown. We overcome this difficulty as follows: (1) 
Factor out all powers of 2 in A^ and deal with it separately. (2) Operate in the remaining odd modulus 
as if it were an odd prime power; whenever this operational commingling encounters an obstacle, we 



^ In a letter dated September 3, 1805 Gauss wrote that ... Seldom had a week passed for four years that he had not 
tried in vein to prove hts conjecture of 1801 ... Finally, "Wie der Blitz einschldgt, hat sich das Rdthsel gelost ..." [^'as 
tning strikes was the puzzle solved ..."). 



manage to discover a non-trivial factorization of the modulus into relatively prime parts. In that case 
we recurse. 

Theorem 1.1. Let N be any positive integer and f £ Tl\x\, . . . ,Xn] he a quadratic polynomial (every 
monomial has degree at most 2) in n variables xi, . . . ,Xn- Then the sunn Z(N, f) can be evaluated in 
polynomial time in n, log A^, and the number of bits needed to describe f . 

Previously it was known that for quadratic polynomials / the sum can be computed in polynomial 
time, if A^ is a prime [13]. An algorithm with running time 0{n^) can also be found in the paper by 
Ehrenfeucht and Karpinski [5]. Compared to these algorithms, ours works for any A^ even if it is given 
as a part of the input and its factorization is unknown. It was also suggested that there is a reduction 
from root counting. One can express the sum as 

N-l 



E #[/ = ^] • ^' 



fc=0 

If A^ is polynomially bounded and if one can compute #[/ = h\ for all /c, then one can compute the 
sum. But this works only when A^ is small. Our results are for general A^ (polynomial time in the 
length log A^). In our algorithm. Gauss sums play a crucial role. Any claim to the contrary amounts to 
an independent proof of Gauss's sign formula (that "very elegant theorem mentioned in 1801") since 
it is not only a crucial building block of our algorithm, but it is also a special case of the algorithm. 
We also note that our treatment for the case when A^ is a power of 2 is significantly different than 
previous work. No simple adaptation of ideas from Sylvester's law of inertia seems to work. 

For the hardness result, we give several successively more stringent necessary conditions for a class 
of polynomials to be tractable. The first necessary condition involves the rank of an associated matrix, 
and the proof uses the widely applicable dichotomy theorem of Bulatov and Grohe [1] for counting 
graph homomorphisms over non-negative weighted graphs. The second necessary condition involves 
linear independence and orthogonality. The third and much more stringent necessary condition is 
group-theoretic in nature; it asserts that the set of row vectors of a certain complex matrix must form 
a group. In ^, Goldberg et al. had proved a similar condition for {—1,-1-1} matrices, in the study 
of graph homomorphisms over real weighted graphs. Finally, in subsection 15.41 we give a generalized 
Group Condition which leads to a complexity dichotomy. 

Previously, it was shown by Ehrenfeucht and Karpinski that for any fixed prime A^, the problem 
of computing Z{N,f) for general cubic polynomials is #P-hard [5]. However, our tests in Section [5] 
are more powerful. They allow us to prove the #P-hardness of Z(N, f) even if / belongs to some very 
restricted families of polynomials, since they fail one of the tests in Section [5] (see Corollary 15.21 and 
Corollary 15.31 for examples) . 

These sums arise recently in the classifications of graph homomorphisms and some other counting 
CSP type problems (a class of local constraint problems, including CSP as well as Holant Problems). 
For example, the tractability of the special case when A^ = 2 is a key component of the dichotomy 
theorem of Goldberg et al. [8] for graph homomorphisms over real weighted graphs. In particular, it 
implies that the graph homomorphism function Zii{-) (see definition in Section 5) with 

which had been an obstacle to the dichotomy theorem of Bulatov and Grohe pLj and was left open for 



some time, can actually be computed in polynomial time. 

2 Preliminaries 

Let oj^v = e^'^*'^ denote the A^th primitive root of unity. Let N = N1N2 be a non-trivial factorization 
namely Ni,N2 > 1. Suppose A''i and N2 are relatively prime, gcd(A^i, A'^2) = 1- Then there exist two 
integers a and 6, such that bNi + aN2 = 1. It follows that 

UJN = e ' ^ ■ e I "■ = ujj^^ ■ uj^^ . 

By Chinese remaindering, the mapping x >-^ (y, z), where y = x (mod A^i) and z = x (mod A^2)) is an 
isomorphism from Z^r — )• Zjv-^ x Z^Tj. Thus, we have 

Lemma 2.1. If bNi + aN2 = 1, then Z{NJ) = Z{Ni,af) ■ Z{N2,bf). 

It follows that if we know a non-trivial factorization of A^ into relatively prime factors A^i and N2 , 
then the problem Z{N, /) decomposes. In particular, we can factor A^ = 2 N' , where A^' is odd. Thus 
we can treat the problems Z{2^ , •) and Z{N', •) separately. In Section [3l we give an algorithm for the 
case when A^ is odd and in Section U] we deal with the case when N = 2^^. Theorem 11.11 then follows 
from these algorithms and Lemma |2.1[ 

Our algorithm crucially relies on the fact that the following general form of Gauss sum G{a,b) can 
be computed in polynomial time in logo and logb, without knowing their prime factorizations. Let a 
and b be non-zero integers, 6 > 0, and gcd(a,6) = 1. Then G{a,b) denotes the following sum: 

G'(a,6) = E.ez,^r'- 
A list of properties that we need to prove the tractability of G{a, b) can be found in Appendix 1X1 

3 Odd Modulus 

In this section, we present a polynomial-time algorithm for the case when A^ is odd. 

Lemma 3.1. Given an odd positive integer N and a quadratic polynomial f{xi,X2, ■ ■ ■ , Xn) € Z[xi, X2, 
. . . , Xn], the sum Z{N, f) can be computed in polynomial time. 

Proof. Consider the expression 

/(Xi, . . . , Xn) = z2i<je[n] (^ij^i^j + z2ie[n] ^i^i + "^O- (3) 

We may assume cq = 0, because it only contributes a constant factor to Z{N,f). For every non-zero 
coefficient c = Cij or q of /, we first compute the greatest common divisor g = gcd(A^, cL'°S2^J). Note 
that, if ordpA^ is the exact order of a prime p in A^, then A^ > p°'^'^p^ and thus ordpA^ < [log2 A^J . 
Hence if c shares any prime p with A^, but not all the prime factors of N, then g has the factor p°'^'^p^ 
and N = g ■ (N/g) is a non-trivial factorization of A^ into two relatively prime factors, g and N/g. 
We can test for every nonzero coefficient c = Cij or Cj whether N = g ■ {N/g) gives us a non-trivial 
factorization of A^ into two relatively prime factors. 



By Lemma 12.11 if for some coefficient c, we did find such a factorization N = Ni ■ N2, then the 
problem of computing Z{N, •) decomposes into two subproblems Z{Ni, •) and Z{N2, •)■ There can be 
altogether at most a linear number log2 N many subproblems. Therefore, a polynomial-time algorithm 
for each subproblem will give a polynomial-time algorithm for Z{N, /). 

Hence in the following we assume for each nonzero coefficient c = Cij or Cj, either gcd(A^, c) = 1 
or c has all prime factors of A^, and we know, by computing the gcd, which case it is for each c. 

We consider the following four cases. 

Case 1. There exists some diagonal coefficient Cj^j relatively prime to A^. 

Without loss of generality, we assume ci^i is relatively prime to N. 

Then ci,i is invertible in Zat. As N is odd, 2 is also invertible. Denote by c[ ^ an integer such that 
c\ j = {2ci^i)~^ci^i (mod N), for 2 < i < n. We have, modulo N, 

J{Xi, . . . , Xn) = Cii \Xi + 2xi{Ci2X2 -|- . . . + C]^ ,^X„jJ -|- }_^2<i<j<n (^ij^i^j + /_^i£[n] '^i-^i 
= Ci,i [xi + g{x2, . . . , Xn)] + Ci [xi + g{x2, ..., Xn)] + h{x2, ...,Xn), 

where g{x2, ■ ■ ■ , x„) = c'^ 2^2 + ■ ■ ■ + c'^ n^n and h is some quadratic polynomial in X2, • • • , x„. 

If we substitute y = xi + g{x2, ■ ■ ■ , x„) for xi, then for any fixed X2, ■ ■ ■ ,Xn G '^n, when xi takes 
all the values in Z^v, y also takes all the values in Ztv- Hence, we have 



ziN,f)= y: e 



ci_iy^+ciy+h{x2,...,x„) 



ziN,f)= E E 



Completing the square again, ci^iy + ciy = ci^i(y -|- (2ci^i) ci) + c', where c' = — cf/(4ci^i) G Z^r, 

Cl.l2^+/l'(x2,.--,2:n) 

where h'{x2, ■ ■ ■ , x„) = /i(x2, • • • , x„) + c' is an explicitly computed quadratic polynomial in X2, ■ ■ ■ , x„. 
It then follows that Z{N,f) = Z{N,h') ■ G{ci^i,N) where h' has one fewer variable than / and the 
Gauss sum G(ci^i, N) can be computed in polynomial time. This completes the proof of Case 1. 

Case 2. No q^j is relatively prime to N, but there exist some 1 < i < j < n such that gcd(cij, A^) = 1. 

By our earlier assumption, for every prime factor p oi N, p divides every Cj^j, for 1 < i < n. 

The existence of Cij for some i,j:l<i<j<n implies that in particular n > 2. Without loss of 
generality, we assume gcd(ci^2i A^) = 1- Now we perform the following substitution, 

xi=yi+ y2, and X2 = yi- y2, 

and Xi are unchanged, for any 2<i<nifn>2. This transformation is a 1-1 correspondence from 
Z^ to itself with inverse yi = (xi -|- X2)/2 and y2 = (xi — X2)/2, because 2 is invertible in Z^v- Since 
the transformation is linear it does not change the degree of /. It is easily checked that the coefficient 
of yf in the new polynomial is ci^i -|- C2,2 + ci,2- Since ci^i and 02,2 have all the prime factors of A^, 
ci,i + C2,2 + ci,2 is relatively prime to A''. As a result, this transformation reduces the computation of 
Z{N,f) to Case 1. 



Case 3. No coefficients Cij, where 1 < i < j < n, are relatively prime to N. However, there exists a 
Cj relatively prime to A^, for some 1 < i < n. 

Without loss of generality, assume gcd(ci, A^) = 1. Let p be a prime divisor of N, then 

p I ci,i,...,ci,n and yet pfci- (4) 

Let k = ordpN be the exact order of p in A^. Then A; > 1. Write A^ = p^Ni, then gcd(p, A'^i) = 1, and 
for some integers a and b we have bp'^ + oA^^i = 1. By Lemma |2. 11 Z{N,f) = Z{p'^,af) ■ Z{Ni,bf). 
Note that gcd(a,p) = 1. Hence the condition (j3|) above for the coefficients of / also holds for af. We 
will show Z{p^,af) = 0. For notational simplicity, we will write below / for af. 






^[p ,j)- 2^ ^pk 2^ ^pk 



X2,...,x„eZpfc a;ieZpfc 



We fix any X2, ■ ■ ■ ,Xn G Zpfc, and consider the inner sum over xi. 

If k = 1, then all terms ci^iXiXi disappear, and because p\ ci, the inner sum over xi is equal to 0. 

Suppose k > 1. Then we repeat the sum for p times with x^^> = xi+ j ■ p^~^, where < j < p — l- 
By (j3]), we have ci^iXiXi = ci^iX^^'Xi (mod p^) and 






Cl,iXlXi+ClXl 

p 



i^lGiipfc 




P-1 , JCi 



By p\ ci, the geometric sum X^^^g Wp = 0. This finishes Case 3. 

Case 4. No coefficients Qj- and q, where 1 < « < j < n and 1 < i < n, are relatively prime to A^. 

By our earlier assumption, this means that every prime factor of A^ divides every coefficient Cij and 
Q. Then we can find the joint gcd d of N with all these coefficients, which must at least contain every 
prime factor of A^, and divide out d in the exponent. By ujff = a;^/^, we get Z{N, f) = d- Z{N/d, /'), 
where /' = f/d is the quadratic polynomial obtained from / by dividing every coefficient with d. This 
reduces the modulus to N/d, and there can be at most log2 A^ many such steps. 

This completes the proof of Lemma 13.11 

4 Modulus is a Power of 2 

In this section, we deal with the more difficult case when the modulus, which we denote by q here, is 
a power of 2: q = 2 for some k > 1. We note that the property of an element c G Z^ being even or 
odd is well-defined. 

Lemma 4.1. Let q = 2^ for some positive integer k and /et / G Z[a;i, . . . , Xn] be a quadratic polynomial 
over n variables xi, . . . ,Xn- Then Z{q, f) can be evaluated in polynomial time. 

Proof. If A; = 1, Z{q., f) is computable in polynomial time according to pL3j, so we assume A; > 1. The 
algorithm goes as follows. For each round, we can, in polynomial time, either 

1. output the correct value of Z{q, f); or 



2. construct a new quadratic polynomial g G Zg/2[2;ii • • • ,Xn] and reduce the computation 
of Z(q,f) to the computation of Z{q/2,g); or 

3. construct a new quadratic polynomial g £ 7jg[xi, . . . ,a;„_i], and reduce the computation 
of Z{q, f) to the computation of Z{q, g). 

This gives us a polynomial-time algorithm for evaluating Z{q, /), since we know how to solve the two 
base cases when either k = 1 or n = efficiently. 

Suppose we have a polynomial / G Zq[xi, . . . , x„] as in ([3]). Our first step is to transform / so that 
all the coefficients of its cross terms (cjj, where 1 < i < j < n) and linear terms (q) are even. Assume 
/ does not yet have this property. We let t be the smallest index in [n] such that one of {q, Qj- '.jyt} 
is odd. By separating out the terms involving xt, we rewrite / as follows 

/ = Ct,t -xf + Xt ■ fi{xi,...,Xt,...,Xn) + f2ixi,...,Xt,...,Xn), (5) 

where /i is an affine linear function and /2 is a quadratic polynomial. Both /i and /2 here are over 
variables {xi, . . . ,Xn} — {xt}- (The notation xt means xt does not appear in the polynomial.) We let 

fl{xi,...,Xt,...,Xn) = Y.i<t (^i,tXi + J2j>t ^t,jXj + Ct. (6) 

By the minimality of t, Ci^t is even for all i < t, and at least one of {q, ctj : j > t} is odd. 
We claim that 

Ziq,f)= Yl a.,/("^'-'"") = Yl a./(-i'-.-"). (7) 

fl(xi,...,xt,...,Xn) = mod 2 



This is because 



f{xu...,x„) ^ \^ S^ ^ct,txl+xth+f2 

X\,...,Xn&iq Xl,...,Xt,--;X„S:Zq Xt&Zq 

/l = lmod2 /i = lmod2 



However, for any fixed xi, . . . ,Xt, . . . ,Xn, the inner sum over xt is equal to ujq times 

a:te[0:2fc-i-l] 2;te[0:2*--i-l] 

since /i = 1 mod 2. Note that we used [x + 2 )^ = x^ (mod 2 ) when A; > 1 in the first equation. 

Recall that /i (see Q) is an affine linear form over {xi, . . . ,xt, . . . , Xn}. Also note that Ci^t is even 
for all i < t, and one of {q, ctj : j > t} is odd. We consider the following two cases. 

In the first case, ctj is even for all j > t and q is odd, then for any assignment (xi, . . . ,xt, ■ ■ ■ , Xn) 
in Zg~^, /i is odd. As a result, by ([7]), Z(g, /) is trivially zero. 

In the second case, there exists at least one j > t such that ctj is odd. Let i > t he the smallest 
of such j's. Then we substitute the variable X£ in / with a new variable x'^, where (as ct/ is odd, ct/ 
is invertible in Z„) 



xe 



\e (24 - (Ei« Ci,tXi + Ej>ijV£ Ct jxj + q) ) • (8) 



and let /' denote the new quadratic polynomial in Zq[xi, . . . , j;£_i, x^, xg+i, . . . , x„]. We claim that 



Ziq,f') =2.Z{q,f) =2- ^ 



f(xi,...,x„) 

UJg 



/i=0 mod 2 

To prove this, we define the following map from Z^ to Z^ : {xi, . . . , x'^, . . . , Xn) i— 5- (a^i, . . . ,Xi, . . . , Xn), 
where xe satisfies ([8]). It is easy to check that the range of the map is the set of {xi, . . . ,Xi, . . . ,Xn) in 
Zg such that /i is even. Moreover for every such tuple (xi, . . . ,xe, . . . , Xn) the number of its preimages 
in Z" is exactly 2. The claim then follows. 

As a result, to compute Z{q, /), we only need to compute Z{q, /'), and the advantage of the new 
polynomial /' over / is the following property. 

Property 4.1. For every cross and linear term that involves xi, . . . ,xt, its coefficient in f is even. 

Proof. We show that after substituting the variable X£ in / with a new variable a;^ as in equation ([8]), 
the new polynomial /' G Zg[xi, . . . , x^_i, x^, x^^i, . . . , x„] we get satisfies Propertv 14.11 

To see this, we divide the terms of /' (that we are interested in, i.e. any cross term or linear term 
that contains at least one of Xi, . . . , Xj) into three groups: cross and linear terms that involve Xf ; linear 
terms x^, s < t; and cross terms of the form x^x^', where s < s' and s < t. 

Firstly, we consider the expression (l5|) of / after the substitution. The first term Q^fX^ remains 
the same; the second term xtfi becomes 2xiX^ by ([8]); and xt does not appear in the third term even 
after the substitution. Therefore, Property 14.11 holds for xj. 

Secondly, we consider the coefficient c'g of the linear term x^ in /', where s < t. Only the following 
terms in / can possibly contribute to c'g-. 

CgXs, ce^exj, Cs/XgXe, and qx£. 

By the minimality of t both Cs and Cg/ are even. For c^^^x'j and qx^, although we do not know whether 
ce/ and C£ are even or odd, we know that the coefficient —c^^ Cg^t of x^ in ([8]) is even since Cg^t is even. 
As a result, for every term in the list above, its contribution to c'g is even and thus, c'g is even. 

Finally, we consider the coefficient c'g g, of the term x^x^/ in /', where s < s' and s < t. Similarly, 
only the following terms in / can possibly contribute to c'g g,: (Here we consider the general case when 
s' / i. The special case when s' = i is easier.) 

Cg^s'XgXgi, ci/x}, Cg/XgXe, and ce^g'XeXg' (or Cg'^eXg'Xe). 

By the minimality of t, both Cg^g' and Cg/ are even. Moreover, the coefficient — c^^ Cg^t of Xs in ([8]) is 
even. As a result, for every term listed above, its contribution to c'g g, is even and thus, c'g g, is even. 
This finishes the proof of Property 14.11 D 

To summarize, after substituting xi with x^ using ([8]), we get a new quadratic polynomial /' such 
that Z(q, f) = 2 • Z{q, f) and for any cross and linear term that involves xi, . . . , Xj, its coefficient in /' 
is even. We can repeat this substitution procedure on /': either we show that Z{q, /') is trivially 0, or 
we get a quadratic polynomial /" such that Z{q, f") = 2 • Z{q, f) and the parameter t increases by at 
least one. As a result, given any quadratic polynomial /, we can, in polynomial time, either show that 
Z{q, /) is 0, or construct a new quadratic polynomial (7 G Zg[xi, . . . , Xn] such that Z{q, /) = 2*^ • Z{q, g) 



for some known integer d < n, and every cross term and linear term of g has an even coefficient. For 
notational simplicity, we can just assume that the given / in form ^ satisfies this condition. (Or in 
other words, we rewrite / for g.) We will show that, given such a polynomial f in n variables, we can 
reduce it either to the computation of Z{q/2, /'), in which /' is a quadratic polynomial in n variables; 
or to the computation of Z{q, /"), in which /" is a quadratic polynomial in n — 1 variables. 

We consider the following two cases: q^j is even for all i £ [n]; or at least one of the Ci/s is odd. 

In the first case, we know Cij and q are even for all 1 < i < j < n. We use c^ • and c^ to denote 
integers in [0 : 2'^"^ — 1] such that Cij = 2c^ • (mod q) and q = 2c^ (mod q), respectively. Then, 



xi,...,x„e2 



where 



/ ~ Z^i<je[n] '^ij^i^j + l^ie[n] '^i^i 



is a quadratic polynomial over Zg/2 = Z2'=-i- This reduces the computation of Z{q, /) to Z{q/2, /'). 
In the second case, without loss of generality, we assume ci^i is odd. Then we have 

/ = ci,i(x? + 2xi/i) + /2 = ci,i(xi + flf + f, 

where /i is an affine linear form, and /2, /' are quadratic polynomials, all of which are over X2, ■ ■ ■ , x„. 
We are able to do this because cij and ci, for all j > 2, are even. Now we have 

Z{qJ) = Y. ^r^""'^''^'^'' = E < • E -""^"'■'^^' = G(ci,i,,) • Z{qJ'). 

Xl,...,XneZq X2,...,Xn&q XlGZq 

The last equation is because the sum over xi G Zg is independent of the value of /i. This reduces the 
computation of Z{q, f) to Z{q, f) in which /' is a quadratic polynomial in n — 1 variables. 

To sum up, given any quadratic polynomial /, we can in polynomial time either output the correct 
value of Z{q, /); or reduce one of the two parameters, k or n, by at least 1. This gives us a polynomial 
time algorithm to evaluate Z(q, /), when g is a power of 2. D 

5 #P-Hardness 

We first introduce the definition of a partition function Za{-) [ 141 HI [6l [H [3] , where A is a symmetric 
complex matrix. We will give four necessary conditions on the matrix A for the problem of computing 
■^a(') being not #P-hard. Then we demonstrate the wide applicability of these necessary conditions 
by reducing Za{-), for some appropriate A, to Z{N, f) and proving that even computing Z{N, f) for 
some very restricted families of polynomials over a fixed modulus A^ is ^^P-hard. 

Finally, we show that for a large class of problems defined using Z{N, /), these conditions actually 
cover all the #P-hard cases. Together with the polynomial-time algorithm presented in Section [3] and 
m they imply an explicit complexity dichotomy theorem for this class. 



5.1 Partition Functions 

Let A € C™'^™ be an m X 7TT, symmetric complex matrix. We define the partition function, or grapfi 
homomorphism function, ^a(") as follows: Given any undirected graph G = {V,E) (here G is allowed 
to have multi-edges but no self loops) 

Za{G) = Yl wtA(G,e), where wtA(G,e) = H ^?(«).5M- (9) 

^■.V^[m] {u,v)gE 

The computational complexity of Za{-), for various A, has been studied intensely [HI HI El [H [3] . We 
need the following lemma which can be proved following an important result of Bulatov and Grohe [1]. 
The proof of the lemma uses the technique of Valiant [161 [T5] called interpolation, which is omitted 
here. 

Lemma 5.1 (The Rank-1 Condition). Let A G C*"^™ be a symmetric matrix, and A' he the matrix 
such that A[ ■ = \Aij\ for all i,j. If there exists a 2 x 2 suh-matrix B of A' such that B is of full rank 
and at least three of the four entries ofB are non-zero, then computing -^a(") is #P-hard. 

Next we use Lemma [5. II to prove a stronger necessary condition for ^a(") being not #P-hard. The 
proof can be found in Appendix [Bj In the statement below, we let Aj^^, denote the ith row vector of 
A. We say A is M-discrete, for some integer M > 1, if every entry of A is an M-th root of unity. 

Lemma 5.2 (Orthogonality). Let M be a positive integer, and let A be a symmetric and Af-discrete 
mxm matrix over C. // there exist i ^ j & [m] such that Aj^* and Aj^* are neither linearly dependent 
nor orthogonal, then computing ^a(") is #P-hard. 

5.2 The Group Condition 

Next, we prove a much stronger group-theoretic condition for ^a(") being not #P-hard, where A is 
any discrete unitary matrix defined below. A similar condition was first used in the paper by Goldberg 
et al. [8] for {±1} matrices, in the study of -^a(') over real matrices A. In the rest of this section, we 
use [0 : m — 1] to index the rows and columns of an m x m matrix for convenience. 

Definition 5.1 (Discrete Unitary Matrix). Let A £ ([;;"ix"i 5g ^ symmetric complex matrix. We say 
A is an M-discrete unitary matrix, for some positive integer M , if it is M-discrete and satisfies 

— Ao^i = Ai^Q = 1 for all i £ [0 : m — 1]; and for all i ^ j £ [0 : ?ti — 1], (Aj.*, Aj.*) = 0, where 

Given two vectors x and y S C", we let x o y denote their Hadamard product: z = x o y E C", 
where Zi = Xi ■ yi for all i. It is easy to see that operation o is associative, and when A is a discrete 
unitary matrix, its first row Aq,* = 1, the all-1 vector, is an identity element under this operation o. 

Lemma 5.3 (The Group Condition). Let A G C™^™ be a symmetric M-discrete unitary matrix, for 
some positive integer M . Then ^a(") is #P-hard, unless A satisfies the following Group Condition.- 



For all i, J G [0 : m — 1], there exists a k £ [0 : m — 1] such that Af^^^ = Aj^* o A 



J,*- 
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di 
Figure 1: The gadget graph ii^'^' for p = 1, in which the bold hne edges represent parallel edges. 

Remark: This is called the Group Condition because if A satisfies it, then the m row vectors Aj^,, 
of A form a group under the Hadamard product. To see that, by orthogonality, the map (i,j) i— s- k 
where A^^^, = Aj^* o Aj^* is uniquely defined. Since entries of A are nonzero, this product o satisfies 
the cancelation law: A^^^, o Aj^* = Aj^* o Aj/^^, =^ Aj^* = A.j>^*, and by orthogonality j = j' . Since the 
row set is finite, by the pigeonhole principle every Aj^* has an inverse. Thus it forms a group under o. 

Proof. Assume that ^a(') is not #P-hard. We prove that A satisfies the Group Condition. 

Let G = iy, E) be an undirected graph. For every integer p > 1, we build a new undirected graph 
q\p\ by replacing every edge uv & E with a gadget graph called W^'. (cf. the construction used by 
Goldberg et al. [8].) H^f' has 2p + 4 vertices u,v,a,b,Ci,di where i G \p]. There is one edge between 
{u,Ci),{ci,b),{di,a),{di,v); and M — 1 parallel edges between {ci,v), {ci,a), {di,b), {di,u). The gadget 
for the case p = 1 is shown in Figure [TJ After replacing every uv ^ E with H^^', we get 

GW = (yW,^W), where T/W = F U {oe, fee,Ce,i, . . . ,ce,p,4,i,. . . ,4,p \eeE}, 

and E'-P' contains the following edges: For any e = uv ^ E and any i G [p], there is one edge between 
(n,Ce,i), {ce,i,be), {de,i,ae), {de,i,v); and M- 1 edges between (ce,j, v), (ce,i, Oe), (4,1, &e), (4,i,«)- 
Now we define, for every p> 1, the following m x m matrix B^^': 

bIJ = Ee wt A (^[^1 , e) , for ah i, J G [0 : m - 1] , 

where the sum is over all possible assignments ^ from the vertex set of H^P' to [0 : m — 1] with ^(u) = 
i and S,{v) = j. By the definition of Zx{-) and the way we build G^'^^ from G, it can be checked that 

Z-Q[p\{G) = Za(G'^'), for all undirected graphs G. 

This gives us a polynomial-time reduction from Z-Q[p]{-) to Zj^{-), so Zg[p](-) is also not ^P-hard. 
Next, we take a closer look at the entries of B^^^. We have 
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B. 



[p] 



m—l m— 1 /m— 1 



P /m-1 



/ J / J I / J -Ai,c-^a,c-Ab,c-^j,c I I / ^ -Ai,d-^a,d-^b,d-^j,a 



a=0 6=0 V c=0 



m—l m—l 

Y.Y. 

a=0 b=0 



m—l 



/ J ■^i,c-'^a,c-'^b,c-^j,c 



c=0 



2p 



vd=0 



a=0 b=0 



2p 



In the first equation, we used the fact that (Aa^c) = Aa^c since Aa^c is an M-th root of unity. Also 
note that B^^^ is a symmetric non-negative matrix. Actually, every entry of B^^^ is positive (by taking 
a = i and b = j). As a result, we can apply Lemma |5. II on B^^l. Since we assumed that Z^[p] (•) is not 
#P-hard, we know that B'-P' is of rank 1, for every p > 1. 
For the special case when j = i £ [0 : m — 1], we have 



B^ 



Ip] 



m—l m—l 



Y^ Y^ (l,Aa,, oAfc 



2p 



m—l m—l 



/ J / J \A(j^*,Aft^* 



2p 



m ■ m 



2p 



a=0 6=0 a=0 6=0 

since A is an M-discrete unitary matrix. On the other hand, because the rank of B^^^ is 1, we have 

for all i,j £ [0 : m — 1] and all p> 1. (10) 

Now we use (jlOp to show that A satisfies the Group Condition. We start with some notation. Let 



B^]=m^P+\ 



Xij = l\{Ai^^o Aj^^,Aa^*o Ab^^)\ a,b £ [0 : m- 1]V, for i, j G [0 : m - 1]. 

Clearly Xij is a finite set for all i,j, with cardinality at most rn^. Every x G Xij satisfies < x < m. 
For each x G Xij, we let Sij{x) denote the number of pairs (a, 6) G [0 : tti — 1] x [0 : m — 1] such that 



[p] 
We can now rewrite B- ■ as 



\-^j,* '-' -^7,*) -^a,* '-' -^b,*) 






X. 



(11) 



which is equal to m^^"*"^ for all p > 1. Also note that Sij{x), for all x G Xij, do not depend on p, and 

Z.ex,,s^A^) = m\ (12) 

We can now view equations (|imi2p as a linear system in the unknowns Sij{x). Fix i,j, then there 
are \Xij\ many variables Sij{x), one for each distinct value x G Xij. Equations in (jlip are indexed 
by p > 1. If we choose (|12p and (jlip for p = 1, ..., \Xij\ — 1, this linear system forms an \Xij\ x \Xij\ 
Vandermonde matrix which has full rank |^jj|. Also notice that by setting (a, b) = {i,j) and (a, b) = 
{i',j), where i' / i, respectively, we get that m G Xij and G Xij, respectively. Moreover, we have 
Sij{0) = m? — m, Sij{m) = m, and all other Sij{x) = is a solution to the linear system. Therefore, 
this must be the unique solution. As a result, we have Xij = {0,m}, 

Sij{m) = m and Sjj(0) = m — m, for all i,j G [0 : m — 1]. 
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This implies that for ah i,j,a,b G [0 : m — 1], |(Aj^^, o Aj^*, A^^* o A{,^*)| is either m or 0. 

Finally, we prove the Group Condition. Set j = 0. Because Aq * is the all-1 vector, we have 



|(Ai,* o 1, Aa,* o Afe_*)| = |(Ai,* o Ab_^,, Aa,*)| G {0,m}, for all i,a,b e[0 -.m- 1]. 
As {Aa,* : a S [0 : m — 1]} is an orthogonal basis, where each ||Aa,*|p = m, by Parseval, we have 

V \(A- o Ai, A \l^ — m-IIA- o Ai IP 
Since every entry of Aj,* o A^ * is a root of unity, || Aj,* o A5 *|p = m. Hence 



2 



,2 



As a result, for all i,5 G [0 : m — 1], there exists a unique a such that |(Aj,* o A^,*, Aa,*)| = m. 

Since A is discrete unitary, every entry of Aj,*, Aj,,* and A^,* is a root of unity. The inner product 
(Aj,* o Afc,*, A(j,*) is a sum of m terms each of complex norm 1. However, to sum to a complex number 
of norm m, every term must be a complex number of unit norm with the same argument: they are the 
same complex number e . Thus, there exists a complex number e , such that Aj,* o Aj,* = e ■ A^,*. 
We assert that in fact e*^ = 1, and Aj,* o A;,,* = A^,*, since Aj,i = At,i = A^^i = 1. This finishes the 
proof of the lemma. D 

5.3 Application to the #P-Hardness of Z{N, f) 

The three necessary conditions we proved in Section 5.2 are very powerful, and can be used to prove 
the #P-hardness of Z{N, /), for some very restricted families of polynomials over a fixed modulus A'^. 
We would like to say, e.g., evaluating Z{N,f), when / contains terms 2;ia;2X3, is ^^P-hard. However, 
we have to be very careful; such complexity-theoretic statements are only meaningful for a sequence 
of polynomials, and not an individual polynomial. This motivates the following definitions. 

Let h G Z[xi, . . . ,Xr] be a fixed polynomial (e.g., h = a;ia;2a;3) where r = 3). We say / G Z[xi, 
. . . ,Xn] is an h-type polynomial, if there exists an r-uniform hypergraph G = (y,E), where V = [n], 
such that (Here we allow G to have multiple edges, i.e., ii^ is a multiset; and edges in E are ordered 
subsets of [n] of cardinality r) 

f{xi, . . . ,Xnj = Z/(ii,...,i,.)e_B h[Xi-^, . . . ,Xi^j. (13) 

Definition 5.2. Let q = p^ be a prime power, and h G Z[xi, . . . , Xr] be a polynomial. We use S\q, h\ 
to denote the following problem: Given any r-uniform hypergraph G, compute Z{q,f), where f is the 
h-type polynomial defined by G = {V, E) using (fT3]) . 

First, we use the rank-1 condition to prove the hardness of S[q, hi], where hi(xi,X2,x^) = xia;22:3- 

Corollary 5.1. For any fixed prime power q = p*, S[q, hi] is #P-hard. 

Proof. Let A be the following q x q complex matrix (here we use [0 : g — 1] to index A): 

Aij= Yl ^f' foralH,jG[0:g-l]. 

fce[0:q-l] 
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It is clear that A is symmetric. Moreover, we have ^0,0 = ^0,1 = ^1,0 = Q but Ai^i = 0. As a result, 
by Lemma |5. II the problem of computing Z\(-) is #P-hard. However, there is also a polynomial-time 
reduction from Za{-) to S[q,hi]. Given any input graph G = (y,E) of ^a(')) ^^ build a 3-uniform 
hypergraph G' = {V',E') as follows: 

V' = Vu{we: e€ E} and E' = {{u,v,We) : e = uv e E}. 

By definition, it is easy to check that Za(G) = Z{q, /), where / is the /ii-type polynomial defined by 
G'. As a result, S[q,hi] is also #P-hard. D 

Second, we show how to employ the Orthogonality condition to prove the ^^P-hardness of S[q, /i2] 
and S[q,hs\, where h2{xi,X2) = x\x2 and /i3(xi,X2) = a:iX2 + x\x\, respectively. 

Corollary 5.2. For any prime power q ^ {2, 4}, S[q, /i2] is #P-hard; and for any odd prime power q, 
S[q,h^] is #P-hard. 

Proof. Let A be the following q x q matrix defined by /i2: 

and we show that .^a(0 can be reduced to S[q, /i2]. Given any undirected graph G = (V, E), we build 
the following directed graph G' = {V,E'), where E' = {{u,v), {v,u) : uv G E}. Then we always have 
Za{G) = Z{q,f), where / is the /12-type polynomial defined by G' . It is easy to check that if q is 
odd, then Aq,* and Ai^* are neither linearly dependent nor orthogonal; and if g ^ {2,4} is a power of 
2, then Aq,* and A2,* are neither linearly dependent nor orthogonal. This proves the #P-hardness of 
S[q,h2]. 

For S[q, /is], one can similarly define the following matrix A: 

Aij = a;^«(^'^), for aU ij(^[0:q-l], (14) 

and prove that Za.{-) can be reduced to S[q,h3]. Moreover, when q is an odd prime power, the two 
vectors Aq,* and Ai^^, are neither linearly dependent nor orthogonal. This finishes the proof. D 

However, even with the Orthogonality condition, we are not able to show the hardness of S[q, h^] 
when g = 2* and t > 3. This is because the matrix A defined by /13 in (J14p is discrete unitary and thus, 
passes the orthogonality test. To prove its #P-hardness, we need to use the much stronger Group 
condition: 

Corollary 5.3. For any g = 2* ^ {2,4}, S[q,h3] is #P-hard. 

Proof. When g = 2* ^ {2, 4}, the matrix A defined by h^ is g-discrete unitary but does not satisfy the 
Group Condition. The #P-hardness of S[q, /13] then follows from Lemma |5.3[ D 

5.4 A Dichotomy Theorem for S[q, h] 

Let g be a prime power, and h G Zg[xi,X2] be a symmetric polynomial. By the proofs of Corollary 
15.21 and [ 5.31 the problem S[q,h] is computationally equivalent to Z^i-) where A is the following qx q 
and g-discrete matrix: 
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Aij = uf'^^ , for alH, i G [0 : g - 1] . (15) 

Although the Orthogonality condition and the Group condition can be used to prove the #P-hardness 
oi S[q,h] for many interesting polynomials h, as demonstrated in Corollary 15.21 and 15.31 it does not 
cover all the ^^P-hard problems S[q, h]. For example, even if we assume that h is symmetric and every 
monomial in h{xi,X2) contains both xi and X2 (and thus, /i(0, x) = h{x,0) = for all x G Zg and the 
matrix A defined in (|15p is symmetric and normalized: ^o.i = ^i,o = 1 for all i), the Group condition 
cannot deal with the case when there exist indices i ^ j G [0 : q — 1] such that Aj^* = Aj^^,. We will 
use C to denote this class of problems. 

We can prove a stronger theorem — the fourth condition, which is a strengthening of the current 
Group condition, leading to a complexity dichotomy theorem for C. The proof is omitted here. 

Lemma 5.4 (The Generalized Group Condition). Let A be any m x m symmetric, normalized, and 
M -discrete matrix for some positive integer M , such that for all indices i and j £ [0 : ?tt, — 1], either 
Aj^^, = Aj^^, or (Aj^*, Aj^^,) = 0. Let Ti, . . . ,T^ be a partition of [0 : m — 1] such that 

Ai,, = Aj> ^^ 3ke[i]: i,j G T^. 

Then .^a(") is #P-hard unless A satisfies the following Generalized Group Condition.' 

— \/k G [i], \Tk\ = m/i; and y i,j £ [0 : ?tt, — 1], 3k £ [0 : m — 1] such that A^^,, = Aj^* o Aj^,,. 

By combining the Generalized Group Condition with the Orthogonality Condition, we are able to 
show that for every problem S[q,h] G C, either S[q,h] is #P-hard; or we have A = J (g) A' where J 
is an all-1 matrix and A' is a (/-discrete unitary matrix that satisfies the original Group Condition. 
The latter can ultimately lead to a polynomial-time algorithm for Zj^(-) as well as S[q,h], using the 
algorithm developed in Section 3 and 4. 
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Appendix 

A Gauss Sums 

In this section, we gather together some facts we need about Gauss sums. More information can be 
found in the book "Algebraic Number Theory" by Serge Lang |12j . 

Let a and b be non-zero integers, b > 0, and gcd(a, b) = 1. Let G{a, b) denote the fohowing sum: 





Gia,b) -- 


xGZ(, 


The folfowing identities are known. 






• G(a,l) = L 






• If p is an odd prime, then 







G{a,p) = I — ) ■ ^(1,^), where I — J is the Legendre symbol. 

If p is an odd prime, and r > 2 is an integer, then G{a,p''") = p • G{a,p^~'^). 

Let 6, c > 1, gcd(6, c) = 1, and gcd(a, 5c) = 1. Then G{a,bc) = G{ab,c) ■ G{ac,b). 

If b is odd > 1, then 

G{a,b) = (t) ■ ^(1,6), where (t) is the Jacobi symbol. 

When a = 1, we have (Note the positive sign in front of Vb.) 



G{l,b) = { 



' (l + i)\/6 if 6 = (mod 4) 

y/b \ib = \ (mod 4) 

\ib = 1 (mod 4) 

i\/6 if 5 = 3 (mod 4). 



For odd a, 




G(a,2^) = 




and 





cyr 

e(a) • G(l,2^), where ( ) is the Jacobi symbol. 



e a 



1 if a = 1 (mod 4) 
i if a = 3 (mod 4). 



An immediate conclusion is that the Gauss sum G(a, b) can be computed in polynomial time, in input 
length logo + log 6, without knowing their prime factorizations. 
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Figure 2: The gadget graph H^ in which the bold hne edges represent parahel edges. 

B Proof of Lemma 15.21 

Let G = (y, E) be an undirected graph. We construct a new undirected graph G* by replacing each 
edge uv £ E with a gadget graph H as shown in Figure [21 H has four vertices u,v,a,b. There is one 
edge between (n, a) and {b,v), and M — 1 parallel edges between {a,v) and {u,b). 
More exactly, we define the new graph G* = {V*,E*) as follows: 

V* = Vu{ae,be\eG E} 

and E* contains exactly the following edges: For each e = uv G E, 

1. one edge between {u,ae) and {be,v); and 

2. {q — 1) parallel edges between {ae,v) and {u,be)- 

Now we define A* as the following M x M symmetric matrix: 

2 



*ii — / J -^i,a-^j,b-^j,a-^ 

a,belM] 



i,b 



ae[M] 



for alH,i G [M]. 



By the definition of Zjs^{-) and the way we build G* from G using H, it can be checked that 

Za*(G) = Za{G*), for all undirected graphs G. 

This gives us a polynomial-time reduction from Za*(-) to .^a(")- 

Next we observe the entries of the new matrix A* . Without loss of generality, we assume the row 
1 and row 2 of A are neither linearly dependent nor orthogonal. As a result, we have 

^* g = Al^ = M^, but < A^ 1 = Alo < M^. 

As a result, by Lemma |5. 11 .^a*(") is ^^P-hard and thus, .^a(") is also #P-hard. 
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